Content Storage in Enterprise Content Management
Content storage in an ECM environment is not only concerned with storage devices like Hard Disks, Compact Discs (CDs), DVDs, and so on but also with issues like findability, security, disaster recovery and ensuring the authenticity of stored content.
Findability of Stored Content
Enterprise content can take many different formats—text documents (doc, txt), images (jpeg, gif, tiff), audio and video (wav, avi), e-mails, proprietary formats like PDF, and so on. The filename extensions like ‘doc’ and ‘wav’ are typically used to identify the application that created it and can open/view the document.
However, this means that the relevant application must be available to the user, wherever that person is located. Additionally, some filename extensions like ‘dat’ are used by different applications that work with different standards (making the ‘dat’ documents incompatible among applications).
The emerging solution is to use XML-based standards that can work with different formats and enable a user to open and view documents created by applications like Microsoft Office and other document-creation software.
There are also standards like XAM that define a standard access method between applications and storage systems. The aim is to make access independent of storage systems, technology, and solutions.
Security
Security measures seek to protect enterprise content from unauthorized access. If sensitive information like business plans and marketing strategy fall into competitors’ hands, it could prove highly damaging to the business.
Security is implemented by restricting access to the content using passwords, access rights, and read/write permissions. Audit trails are also maintained to identify who worked with what content, what the person did with it and when, etc.
Security must also cover dangers like virus attacks, hacking, and unauthorized printouts. Anti-virus software, firewalls, and use of network printers under the supervision of specific persons are some of the security measures widely used by organizations.
Disaster Recovery
Enterprise Content is considered the enterprise’s knowledgebase and it’s critical that this knowledge be protected against disasters of different kinds.
Backing up data on a regular basis, checking the recoverability of the backed-up data, and storing the backup in a different location are key elements in a disaster recovery plan. Technologies are available to automatically back up data online and for transferring backup to removable storage media like magnetic tapes.
There are also specialists who have facilities and know-how to recover lost data from damaged disks.
Storage Devices
Enterprise Content Management involves preserving content for long periods. It also requires maintenance of historical data and different versions. This objective is best achieved using WORM—Write Once Read Many—storage devices that do not allow changes or deletions once data has been recorded on the media. Optical media are the best WORM storage devices.
DASD media—Direct Access Storage Devices—like hard disks allow changes and erasures. In these cases, Check Out/Check In procedures are implemented requiring the user to check out a document for making changes and then checking in the altered document back to the media. This helps an audit trail to be maintained, and also prevents undesirable consequences of two people making changes at the same time to the same document (if a document is checked out, no changes are allowed until it’s checked back in).
Ensuring Authenticity
Because digital data are easily alterable, courts look at the practices regarding the way it’s handled in an organization. The data might be accepted as authentic only if the court is satisfied that policies and practices are in place that make it difficult to make unauthorized changes, and that audit trails are created for any changes made.
Conclusion
In addition to the selection of storage devices, Enterprise Content Management Software has to attend to findability, security, disaster recovery, and other issues. Policies and practices must also be planned and implemented to ensure that courts in case of litigation would accept the stored data as authentic.
